Illusion Worlds: Deceptive UI Attacks in Social VR

Junhee Lee, Hwanjo Heo, Seungwon Woo, Minseok Kim, Jongseop Kim, Jinwoo Kim

TL;DR

This work tackles security risks in social VR by identifying four deceptive UI attacks—Object Clickjacking, Denial-of-Raycasting, Object-in-the-Middle, and Avatar Quishing—that can covertly coerce user actions in VRChat. It demonstrates the effectiveness of these attacks through an IRB-approved study with 30 participants and introduces MetaScanner, a static analysis tool for Unity-based social VR that rapidly detects suspicious content via four modules. Empirical results show high user susceptibility across the attacks, while MetaScanner achieves detection across 38 virtual worlds with low processing overhead. The paper contributes concrete attack vectors and a practical defense framework, informing safer design and governance for social VR ecosystems.

Abstract

Social Virtual Reality (VR) platforms have surged in popularity, yet their security risks remain underexplored. This paper presents four novel UI attacks that covertly manipulate users into performing harmful actions through deceptive virtual content. Implemented on VRChat and validated in an IRB-approved study with 30 participants, these attacks demonstrate how deceptive elements can mislead users into malicious actions without their awareness. To address these vulnerabilities, we propose MetaScanner, a proactive countermeasure that rapidly analyzes objects and scripts in virtual worlds, detecting suspicious elements within seconds.

Paper Structure

This paper contains 9 sections, 5 figures.

Figures (5)

  • Figure 1: An object clickjacking attack in which the clickjacking object intercepts user input intended for the decoy object, triggering a malicious action.
  • Figure 2: A denial-of-raycasting attack, where an invisible object blocks the user's raycasting path.
  • Figure 3: An object-in-the-middle attack, where an invisible object intercepts keystrokes on a virtual keypad.
  • Figure 4: An avatar quishing attack where a malicious QR code redirects user input to a malicious website.
  • Figure 5: An architectural overview of MetaScanner.